Mankind has always been interested in security. The first known lock—estimated to be 2,800 years old—was discovered just outside the ruins of Khorsabad palace near Nineveh, in Modern-day Iraq. Biometric testing seems to have been invented by the Chinese around 1400 A.D., where an explorer observed people inking children's feet and hands, and then stamping them on pieces of paper, creating an accurate identification system.
Since then, security systems have continued to improve. Today, not only doors are locked; information, too, is locked away, with the key commonly being a password. Passwords have their own difficulties. Passwords that are easy to remember are also easy to be discovered by trial and error methods. Safer passwords—because they are longer, contain numbers and special characters, etc., are quite difficult to remember and so often are written down, leading to a different sort of security breach. Passwords can also be inadvertently disclosed—e.g., they can be viewed when they are being typed in.
Security cards, often combined with passwords (or PINS—short, numeric passwords) are also commonly used, and present similar security problems to passwords; that is, the cards can be stolen or lost; the passwords associated with them tend to either be easy to remember (and, therefore, easy to crack) or long and complicated, which leads them to being written down, often on the card itself.
As locks get more sophisticated, so do the lock breakers. One common method to gain entrance to password-protected data is “phishing”, where an untrustworthy person masquerades as a legitimate business. Commonly, such “phishers” send an official looking e-mail (or an instant message, or a letter) requesting password information. Sometimes, they present screens to the user representing a trusted entity, which legitimately needs the password.
To counter these problems, biometric methods—physiological and behavioral characteristics used to verify identity—are increasingly being used. For example, biometric fingerprint information (probably the best-known physiological biometric data) is gaining acceptance as a method of verifying identity. Fingerprint readers as small as a pack of cards have been developed, and the verification process (pressing one's finger against a platen) is seen as harmless. Iris pattern recognition (matching the unique pattern in the colored portion of the eye that surrounds the pupil) is also used, and systems exist that can perform face recognition, often emphasizing areas difficult to alter, such as the eye socket upper outline, the sides of the mouth, and the planes of the face around the cheekbones.
However, biometric data, unlike passwords and keys, can only authenticate someone up to a confidence level; that is, a biometric system will give a certain percentage of false matches, false negatives, and will fail to enroll a certain percentage of each test population. There are people who cannot enroll in certain biometric systems due to their biological “sample quality”. For example, some fingerprints are too smooth to give clear-enough samples to create clear-enough templates to effectively use.
Certain medications can also make biometric test results unreliable. For example, there are drugs, such as atropine, that dilate the eye, making iris identification impossible. Also, certain illnesses can lead to a user falsely being rejected by a biometric system. Having a head cold may change a user's voice sufficiently that he or she will be rejected by a voice-recognition system. Therefore, not all people can be enrolled or can use each biometric test.